Handle restricted permissions for shared UID components - CTS

We set the app op for a restricted permission to allow if the app
requesting the permission is whitelisted and to deny if the app requesting
the permission is not whitelisted. However, there is another case where an
app in a shared user can access a component in another app in the same shared
user due to being in the same shared user and not by having the permission
that guards the component form the rest of the world. We need to handle this.
The way we do this is by setting app ops corresponding to non requested
restricted permissions to allow as this would allow the shared uid access
case and be okay for other apps as they would not have the permission and
would fail on the permission checks before reaching the app op check.

Test: atest CtsAppSecurityHostTestCases:android.appsecurity.cts.PermissionsHostTest
Test: atest CtsPermissionTestCases
Test: atest CtsPermission2TestCases
Test: atest CtsRoleTestCases
Test: shell query commands now work


Change-Id: Icc171106e8dbbf0a86a7430cc16fe9ce80830991
(cherry picked from commit 5c2032458e625fc9d7d3b5e1dff8fd8e7bc537bc)
diff --git a/tests/tests/role/src/android/app/role/cts/RoleManagerTest.java b/tests/tests/role/src/android/app/role/cts/RoleManagerTest.java
index 2a25003..2fef392 100644
--- a/tests/tests/role/src/android/app/role/cts/RoleManagerTest.java
+++ b/tests/tests/role/src/android/app/role/cts/RoleManagerTest.java
@@ -554,7 +554,7 @@
         removeRoleHolder(RoleManager.ROLE_SMS, APP_PACKAGE_NAME);
         assertThat(AppOpsUtils.getOpMode(APP_PACKAGE_NAME, AppOpsManager.OPSTR_SEND_SMS))
-                .isEqualTo(AppOpsManager.opToDefaultMode(AppOpsManager.OPSTR_SEND_SMS));
+                .isEqualTo(AppOpsManager.MODE_ALLOWED);